Amazon CloudFront

Fast, highly secure and programmable content delivery network (CDN)

Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds, all within a developer-friendly environment. CloudFront is integrated with AWS – both physical locations that are directly connected to the AWS global infrastructure, as well as other AWS services. CloudFront works seamlessly with services including AWS Shield for DDoS mitigation, Amazon S3, Elastic Load Balancing or Amazon EC2 as origins for your applications, and Lambda@Edge to run custom code closer to customers’ users and to customize the user experience. Lastly, if you use AWS origins such as Amazon S3, Amazon EC2 or Elastic Load Balancing, you don’t pay for any data transferred between these services and CloudFront.

You can get started with the Content Delivery Network in minutes, using the same AWS tools that you're already familiar with: APIs, AWS Management Console, AWS CloudFormation, CLIs, and SDKs. Amazon's CDN offers a simple, pay-as-you-go pricing model with no upfront fees or required long-term contracts, and support for the CDN is included in your existing AWS Support subscription.

Benefits

Fast and global

Security at the Edge

The Amazon CloudFront content delivery network (CDN) is massively scaled and globally distributed. The CloudFront network has 180 points of presence (PoPs), and leverages the highly-resilient Amazon backbone network for superior performance and availability for your end users.

Amazon CloudFront is a highly-secure CDN that provides both network and application level protection. Your traffic and applications benefit through a variety of built-in protections such as AWS Shield Standard, at no additional cost. You can also use configurable features such as AWS Certificate Manager (ACM) to create and manage custom SSL certificates at no extra cost.

Highly Programmable

DEEP INTEGRATION WITH AWS

Amazon CloudFront features can be customized for your specific application requirements. Lambda@Edge functions, triggered by CloudFront events, extend your custom code across AWS locations worldwide, allowing you to move even complex application logic closer to your end users to improve responsiveness. The CDN also supports integrations with other tools and automation interfaces for today's DevOps and CI/CD environments by using native APIs or AWS tools.

Amazon CloudFront is integrated with AWS services such as Amazon S3, Amazon EC2, Elastic Load Balancing, Amazon Route 53, and AWS Elemental Media Services . They are all accessible via the same console and all features in the CDN can be programmatically configured by using APIs or the AWS Management Console.

Use Cases

Static asset caching

Live and on-demand video streaming

Security

Amazon CloudFront can speed up the delivery of your static content (e.g., images, style sheets, JavaScript, etc.) to viewers across the globe. The Content Delivery Network (CDN) offers a multi-tier cache by default, with regional Edge caches that improve latency and lower the load on your origin servers when the object is not already cached at the Edge. Caching static content gives you the performance and scale you need to give your viewers a fast and reliable experience when visiting your website.

The Amazon CloudFront CDN offers multiple options for streaming your media – both pre-recorded files and live events – at sustained, high throughput required for 4K delivery to global viewers. For on-demand streaming, you can use CloudFront for multi-bitrate adaptive streaming in Microsoft Smooth, HLS, HDS, or MPEG-DASH formats to any device. To broadcast a live stream, you can use the Content Delivery Network to cache the media fragments at the edge and collapse multiple requests for the manifest file to reduce load to your origin.

CloudFront integrates seamlessly with AWS Shield for Layer 3/4 DDoS mitigation and AWS WAF for Layer 7 protection. In addition, CloudFront negotiates TLS connections with the highest security ciphers, and authenticates viewers with signed URLs. You can also use our advanced feature Field-Level Encryption to protect most sensitive data throughout your enterprise, so the information can only be viewed by certain components and services in your application stack. CloudFront also integrates with AWS Identity and Access Management (IAM) to control access, with AWS CloudTrail to log access to your configuration, and with Amazon Certificate Manager (ACM) for automated certificate renewals.

Customizable content delivery with Lambda@Edge

Dynamic Content and API Acceleration

Software distribution

With Lambda@Edge you can easily run your code across AWS locations globally, allowing you to respond to your end users at the lowest latency and allowing you to personalize content. For example, you can deliver unique content based on attributes of your visitors, generate custom responses, or conduct A/B testing with your own custom code running on the CloudFront infrastructure. Learn more about Lambda@Edge.

Amazon CloudFront can be used to secure and accelerate your WebSocket traffic as well as API calls. CloudFront supports proxy methods (POST, PUT, OPTIONS, DELETE, and PATCH) and is already integrated with Amazon API Gateway by default. With the Content Delivery Network (CDN), TLS connections with clients terminate at a nearby edge location, then CloudFront uses optimized AWS-backbone network paths to securely reach your API servers. Learn more about API Acceleration with CloudFront.

Amazon CloudFront scales automatically as globally-distributed clients download software updates. You can make your software available right at the edge where your users are, via the content delivery network. The CDN's high data transfer rates speed up the delivery of your binaries, improving customer experience while lowering your costs.